Security cam blog posts on Tumblr
Module Mojo
As in previous Perl columns [3] featuring OAuth-controlled Perl applications such as Google Drive, Listing 1 [4] also uses the Mojolicious module from CPAN to ask permission to publish blog entries. When launched by typing ./tumblr-oauth
, it outputs the message:
Listing 1
tumblr-oauth
[Sat Oct 12 09:56:27 2013] [info] Listening at "http://localhost:8082". Server available at http://localhost:8082.
and then launches a web server on port 8082 of localhost. If a browser now requests the URL http://localhost:8082, the script just sends a link with the text Login on Tumblr. When you click the link, you are taken to the Tumblr login page, where you need to identify yourself with your email address and password, if you were not already logged in.
Tumblr then displays the dialog shown in Figure 8 to the user, asking permission for the Perlsnapshot application to read and write to the blog. The blog I set up previously for test purposes under the name of "Schtonk's Rants" at schtonk.tumblr.com will be used for the camera images later on. If the user now presses Allow, Tumblr refers the browser back to the previously set callback URL (http://localhost:8082) and hands over two access tokens to the local web server: oauth_token
and oauth_verifier
.
Armed with these tokens, the recipient can mess around with the users' blogs – within the constraints of the permissions – as if logged in as the users themselves. However, application users do not need to share a password but only a token, which they can revoke at any time.
A Local Web Server
To do this, Listing 1 draws on the CPAN WWW::Tumblr::Authentication::OAuth module, which includes the necessary URLs for retrieving tokens. The variables in lines 15 and 16 contain the $consumer_key
and $secret_key
values obtained in Figure 7 on registering the application.
Before the Mojolicious::Lite module starts the server, it expects some options on the command line. Against all expectations, the daemon
option starts the web server in the foreground and --listen
is assigned the local URL to listen to in line 13. To avoid the need to pass in command-line parameters to tumblr-oauth
, line 28 unceremoniously stuffs the options into the @ARGV
array and then foists them onto the Mojolicious module.
Browser requests for port 8082 without a path are fielded by the code starting in line 34, which sets the stash variable login_url
and thus converts the template in the DATA
area of the script, starting in line 90, into an HTML page with a login link, which the browser then displays. If Tumblr redirects back to the Mojolicious server after obtaining permission from the user, this happens in the /callback
path, and the code from line 45 is executed.
Line 62 uses DumpFile()
from the CPAN YAML module to store all four tokens received, as well as two new access tokens created with token()
and token_secret()
, respectively, in YAML-readable format in the .tumblr.yml
file in the home directory. Application scripts later access the file, read the tokens, and thus gain access to the user's blog.
Shots Through the Window
Listing 2 shows the actual application that grabs photos from the surveillance camera. In line 16, you need to insert the address of your own camera, plus the username and password for the camera's web interface in lines 20 and 21. The WWW::Mechanize type object's credentials()
method stores this information and automatically adds it to web requests when the camera's web server asks for a password. All you really need to retrieve data from a web server is the Perl LWP::UserAgent module, but the WWW::Mechanize superclass provides a more convenient credentials()
method that requires fewer parameters.
Listing 2
tumblr-post
The Foscam camera delivers a snapshot of its field of view as /snapshot.cgi
; the blurt()
function from the CPAN Sysadm::Install module writes the image data to a local file named snapshot.jpg
in lines 27 and 28.
« Previous 1 2 3 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.
-
ZorinOS 17.1 Released, Includes Improved Windows App Support
If you need or desire to run Windows applications on Linux, there's one distribution intent on making that easier for you and its new release further improves that feature.
-
Linux Market Share Surpasses 4% for the First Time
Look out Windows and macOS, Linux is on the rise and has even topped ChromeOS to become the fourth most widely used OS around the globe.
-
KDE’s Plasma 6 Officially Available
KDE’s Plasma 6.0 "Megarelease" has happened, and it's brimming with new features, polish, and performance.
-
Latest Version of Tails Unleashed
Tails 6.0 is based on Debian 12 and includes GNOME 43.
-
KDE Announces New Slimbook V with Plenty of Power and KDE’s Plasma 6
If you're a fan of KDE Plasma, you'll be thrilled to hear they've announced a new Slimbook with an AMD CPU and the latest version of KDE Plasma desktop.
-
Monthly Sponsorship Includes Early Access to elementary OS 8
If you want to get a glimpse of what's in the pipeline for elementary OS 8, just set up a monthly sponsorship to help fund its continued existence.